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8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 
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DETAILED ACTION 
Claim Rejections - 35 USC § 103 

1. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

2. Claim 1-5, 7-8, 16-20, 22-23, 3 1-32 rejected under 35 U.S.C. 103(a) as being 
unpatentable over Cabrera(5,978,815) in view of Shaath et al.(6,654,864), and further in view of 
Miro(5,220,653). 

3. As per claims 1, 3 1-32, Cabrera et al. discloses a method for providing data security in a 
first device driver operable installed in a computer operating system having a layered plurality of 
device drivers for accessing data in a data storage device(see col. 3, lines 15-23, 52-56, col. 7, 
lines 33-43), detecting an I/O request to said first device driver(see col. 7, lines 33-42, col. 16, 
lines 12-53); determining whether said first device driver is functionally uppermost in the 
layered plurality of device drivers(see col. 16, lines 12-22); if said first device driver is 
functionally uppermost in the layered plurality of device drivers, performing the 1/0 request in 
said first device driver(see col. 7, lines 33-63). Cabrera does not disclose if said first device 
driver is not functionally uppermost in the layered plurality of device drivers, denying the I/O 
request in said first device driver, and allowing the I/O request to be performed by a next 
lower-level device driver in the layered plurality of device drivers. However, Shaath discloses if 
said first device driver is not functionally uppermost in the layered plurality of device drivers, 
denying the I/O request in said first device driver, and allowing the I/O request to be performed 
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by a next lower-level device driver in the layered plurality of device drivers (see col. 6, lines 10- 
27). It would have been obvious to one of ordinary skill in the art at the time of the invention to 
include if said first device driver is not functionally uppermost in the layered plurality of device 
drivers, denying the I/O request in said first device driver, and allowing the I/O request to be 
performed by a next lower-level device driver in the layered plurality of device drivers of Shaath 
with Cabrera, the motivation is that an NT protected subsystem passes 10 requests to the 
appropriate kernel mode driver through the 10 system services(see col. 4, lines 33-36 of Shaath). 
The NT 10 Manager's layered approach insulates NT drivers from having to know anything 
about whether an 10 request originated in any particular subsystem (see col. 4, lines 43-49 of 
Shaath). Cabrera nor Shaath disclose wherein denying the I/O request in the first device driver 
includes implementing at least one data security measure before allowing the I/O request to be 
performed by the next lower level driver. Miro discloses denying the I/O request in the first 
device driver includes implementing at least one data security measure before allowing the I/O 
request to be performed by the next lower level driver (see col. 3, lines 50-62, col. 4, lines 14- 
65). It would have been obvious to one of ordinary skill in the art at the time of the invention to 
include Miro with the Cabrera-Shaath combination, because prioritizing servicing of I/O requests 
speed up the overall throughput of request servicing (see col. 3, lines 23-27 of Miro). 

4. As per claim 2, Cabrera et al. discloses wherein said first device driver is a file system 
monitor (see col. 4, lines 21-65). 

5. As per claim 3, Cabrera et al. discloses wherein the data is stored in a secure virtual 
File system, and wherein the step of performing the I/O request includes the step of 
implementing data security measures(see col. 20, lines 12-27). 
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6. As per claim 4, Cabrera et al. discloses wherein the data is stored in encrypted form, 
and wherein the step of performing the I/O request further comprises the step of decrypting 
the data(see col. 25, lines 30-51, col. 26, lines 7-25). 

7. As per claim 5, Cabrera et al. discloses wherein the step of performing the I/O request 
further comprises the step of checking the data for viruses (see col. 9, lines 9-51). 

8. As per claim 7, Cabrera discloses wherein the step of denying the I/O request in the secure 
first device driver comprises the steps of is setting a first device driver shutdown flag; and 
initiating a re-hook process(see col. 6, lines 53-67, col. 7, lines 1-4) . 

9. As per claim 8, Cabrera discloses after the step of detecting an I/O request to said 
first device driver, the checking whether a first device driver shutdown flag is set; and if 
said first device driver shutdown flag is set, omitting further steps in said first device driver, 
and allowing the I/O request to be performed by a next lower- level device driver in the 
layered plurality of device drivers(see col. 7, lines 5-42). 

10. As per claim 16, it is rejected under the same basis as claim 1 . 

11. As per claim 17, it is rejected under the same basis as claim 2. 

12. As per claim 18, it is rejected under the same basis as claim 3. 

13. As per claim 19, it is rejected under the same basis as claim 4. 

14. As per claim 20, it is rejected under the same basis as claim 5. 

15. As per claim 22, Cabrera discloses a first device driver shutdown flag and a re-hook 
system, wherein said first device driver denies the I/O request by setting a first device driver 
shutdown flag and calling the re-hook system(see col. 6, lines 53-67, col. 7, lines 1-4) . 

16. As per claim 23, it is rejected under the same basis as claim 8. 
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17. Claims 33, 35 is allowable for detecting an initial calling module address, storing the initial 
calling module address, detecting a second calling module address and comparing the second 
calling module address to the initial calling module address. Prior art fails to disclose 
determining whether the first device driver has been previously called, detecting an initial calling 
module address, storing the initial calling module address, detecting a second calling module 
address and comparing the second calling module address to the initial calling module address, 
in the prior art of network, security and drivers, prior art fails to disclose the limitations above. 
An example of prior art that fails to disclose these limitations is, Cabrera discloses a layered 
plurality of device drivers, and the I/O request is first passed to the first driver and either passed 
down through the next driver in the list or processed within the first driver. This is in contrast, to 
claim limitations above. 

18. Claims 34, and 36 are allowable for the features of, if the number of times has not reached 
a predetermined maximum threshold, initiating reattachment of said first device driver 
functionally uppermost in the layered plurality of device drivers; if said first device driver has 
been reattached functionally uppermost in the layered plurality of device drivers, unsetting said 
first device driver shutdown flag; and concluding the re-hook process. An example of prior art 
that does not disclose this is Jones, Jones discloses a plurality of driver layers, that when a host 
request is received, the first layer device driver executing on the controller determines if the 
request is atomic. 

19. Claims 10-15, 25-30, are objected to as being rejected on base claims, these claims are 
allowable for wherein the step of initiating a re-hook process includes the steps of counting the 
number of times the re-hook process has been initiated checking whether the number of times 
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has reached a predetermined maximum threshold; if the number of times has reached a 
predetermined maximum threshold, initiating a programmable security response; if the number 
of times has not reached a predetermined maximum threshold, initiating reattachment of said 
first device driver functionally uppermost in the layered plurality of device drivers; if said first 
device driver has been reattached functionally uppermost in the layered plurality of device 
drivers, unsetting said first device driver shutdown flag; and concluding the re-hook process. An 
example of prior art that does not disclose this is Jones, Jones discloses a plurality of driver 
layers, that when a host request is received, the first layer device driver executing on the 
controller determines if the request is atomic. 

Response to Amendment 
20. The Applicant has argued the limitations of "wherein denying the I/O request in the first 
device driver includes implementing at least one data security measure before allowing the I/O 
request to be performed by the next lower level", is not taught in Cabrera or Shaath. Miro 
discloses denying the I/O request in the first device driver includes implementing at least one 
data security measure before allowing the I/O request to be performed by the next lower level"; 
Miro discloses each disk I/O request presented to the service kernel of the operating system 
contains a priority indication corresponding to the priority class of the associated task(see col. 4, 
lines 50-53). The service kernel places each request into a selected one of the selected queue in 
the set of holding queues associated with the targeted disk drive(see col. 4, lines 50-55). 



Application/Control Number: 09/70 1 ,20 1 
Art Unit: 2131 



Page 7 



Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jenise E Jackson whose telephone number is (571) 272-3791. 
The examiner can normally be reached on M-Th (6:00 a.m - 3:30 p.m.) alternate Friday's. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on (571) 272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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' AYAZ SHEIKH 
SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 




